This article deals with detection of threats in IP telephony, the authors developed a penetration testing
system that is able to check up the level of protection from security threats in IP telephony. SIP is being widely used in
building VoIP networks. Unlike the traditional telephone networks VoIP networks does not have a closed
communication which makes communication medium vulnerable to all kinds of attacks from the in truders. The SIP
server is a key component of VoIP infrastructure and often becomes the aim of attacks and providers have to ensure
the appropriate level of security. We have developed web-based penetration system which is able to check the SIP
server if can face to the most common attacks. The developed application is distributed as an open-source and is
equipped with four modules. The result is reported to the particular e-mail and information supplemented to the report
should help to improve the overall protection of the SIP server. The developed application represents effective tool
which is able to point out the weaknesses of the tested system.